Monthly Archives: August 2015

"We are not in the watchmaking business, we are in the true luxury business."

- Yves Piaget

When I ask many young CEO's and marketing people "Who's your competition and why are you better?" they answer with a list of both strengths and the competitors' longer list of weaknesses. In addition, they rarely include the big competitor which is the customer's status quo.

Here's how to think strategically about competition.

HIGHLIGHTING A COMPETITOR'S WEAKNESSES RARELY WORKS

Today's customer's are more informed of competitor's strengths and weaknesses (especially if they are already using the products)

On August 20, I recieved an email from my hosting provider (www.Arvixe.com) saying they deleted something bad from my directory and I was likely part of a phishing scheme. When I went to the website every page said: "hacked by Hwins2005" Bummer....

So here I am on August 23 after 20 hours of deep dives into WordPress, (opening more PHP files than God intended), a bit of Apache, every tool CPanel offered and I'M BACK! I still have a ticket with my provider which is making it's way up the queue.

This is a record of those lovely hours. I hope it is helpful for anyone that has to go through it. First however is the emotional aspect... it is a mini version of a feeling I had many years ago when my house was broken into. A feeling of invasion, violation of personal space and anger. People have this feeling and it is why privacy is manifesting itself politically, whether it's the NSA, Scott McNealy's 2009 quote: "You Have Zero Privacy Anyway. Get Over It" or Facebook data-mining your friends to get a better credit score on you... GET THE F*%$ OUT OF HERE!

So here's what I did:

TRY TO FIX THE EXISTING SITE

Read about the first 6 or 7 search items on "WordPress Hacked" (half were advertisements)

Logged into wp-admin and realized that my backup settings were not scheduled and my backup was months old (while fearing I was doing something bad by logging in)... more Bummer

Ran a backup because the searches said to

Downloaded a malware plugin and ran it ( $ to get the fix-it plugin)

Deleted that plugin then downloaded and ran another ( $ to get the fix-it plugin)

Ditto for that plugin

Spent some time cruising WP directories and opening files hoping for a hail mary

Gave up

Qnap NAS Storage Server

ABANDON THE EXISTING SITE AND REBUILD ON A STAGING SITE

Decided to build a "staging version" and was always intrigued what the performance of a WordPress stack would be on my QNAP TS-419U II NAS

Built a clean MySQL/WordPress/Apache stack on the QNAP and the
performance SUCKED (minutes to do single digit second tasks on my hosting provider)!

BTW I'm a BIG fan of QNAP and their hardware/software. This server has a Marvell 2GHz single core processor and it just wasn't up to managing the RAID as well as the WP Stack.

Before the hack I was moving my trading code (C#.Net, C++, Amibroker and Matlab) to the cloud using virtual machines in Virtualbox mixing Win7 and Centos. I intended to automate the configuration and provisioning with Vagrant.

Great stuff but realizing I was getting far away from fixing my blog, I Gave Up ( ummm..... more like postponed to fix the specific, instead of the general problem )

TRY TO FIX THE EXISTING SITE OR REBUILD AT THE HOSTING PROVIDER

I started running phpmyadmin browsing the SQL tables and removed a bunch of users, changed my admin account Usernames and Passwords and the character code from UTC-7??? Back to UTC-8.

Deleted (not just de-activated) all plug-ins except the most basic.

Without a terminal on CPanel to "grep" my way through all the WP files I kept wondering how long it would take to build a diff tool to compare my site to the WP release on GITHUB. Then I found Anti-Malware and Brute-Force Security by ELI. I installed and ran it.

The plug-in did not find the problem but gave me about 10 suspect files. I opened them with the CPanel editor and pasted the current GIT versions. When saving, the editor informs whether anything changed, two files had changed.

The site and pages still redirected to the "hacked by Hwins2005". I figured if my php files were cool there must still be issues in the javascript

I deleted my Theme and reloaded it

I'M BACK

Whew.... probably saved $250 to have someone clean it for me but I learned alot about WordPress' architecture and improved my CPanel and overall web stack chops. I'll be attempting to harden things more going forward.